Most applications today authenticate users with a username and a password (for example, during logging into mobile banking). As a result, the entire infrastructure which supports these applications is built for username/password authentication. As new and more advanced authentication techniques such as fingerprint, face recognition, voice recognition, and drawing a pattern emerge, application service providers need to adjust their systems to support these techniques. This requires a lot of expensive changes in the backend (a backend application or program serves indirectly in support of the frontend services, usually by having the capability to communicate with the required resource) authentication and authorization servers of the app service provider (to identify the currently signed-in user on the server).
It is therefore an object of the present invention to provide application developers with advanced authentication techniques without making any changes to their existing authentication backend.
Other objects and advantages of the invention will become apparent as the description proceeds.